DMARC Stages

DMARC should be implemented in four stages.
Image
How to Implement DMARC in stages?

Start the implementation of DMARC by Configuring the DNS with the following TXT record(DMARC) for your domains:

This means that the DMARC is enabled with policy set to ‘none’ and aggregate reports mailed to DMARC360 platform.

The reports generated can be analyzed on the DMARC360 platform which helps to identify & authorize your genuine email sources which result in eliminating email impersonations.


The first stage is to gain visibility of all scenarios and relevant IPs that are being used to send out your emails. This stage may last from one to four weeks or even more based on your email volume and the number of email outgoing scenarios where other parties may be involved.

The second stage is to configure/enhance the SPF and enable DKIM based on the information gathered from stage one. This stage may take a day to a week based on who is managing your DNS record and what change management policy you have in place.

Once you have configured rightly the SPF and DKIM, stage three is about taking the DMARC policy to quarantine. This is where you want the recipient to still accept your SPF and DKIM non-conform emails but with caution. The purpose is to further ensure that you may not have missed any scenarios of your genuine emails.

This stage may last from 2 to 8 weeks depending on the volume of your outgoing emails. Stage three ensured no impact by the DMARC policy on your legitimate emails, enabling us to implement the reject policy in stage four with caution over a period of one to four weeks. This takes you to %100 DMARC compliant.

Sign up to Access DMARC360 Portal